With the increased use of Internet for e-commerce, data subscriptions, internet downloads, healthcare applications, financial analysis, etc, a large amount of data is collected, assimilated, processed and analyzed. Several of the applications depend largely on processing of such data including personal information for effective functioning. For example, applications in financial domain may utilize information about a person including his personal information, such as his salary, savings, credit pattern and spending pattern. Similarly, a hospital application may collect information with regard to a person's insurance details, health records, diagnosis results, current and past medication, etc. Further an e-commerce application may request information about a person's personal preferences which could include their preferred mode of entertainment, appliances that are most used, preferred brands etc.
Therefore, the data utilized by multiple applications, along with other data relevant to the application, includes personal information, personal preferences, etc. Such personal information is generally referred to as “private data” and is the data that is private to the data owners.
The private data of users when utilized in different applications also possesses good amount of utility. Such as, private data can be used for marketing purposes, for studies, including, financial analysis or health care research. The private data taken is generally analyzed, assimilated and, utilized by different applications. Since the private data that is assimilated includes personal details to users, use of such can directly expose a person's identity. Exposed identity may affect individuals in different ways, such as; the private data revealed may add one user to a spam mailing list used for marketing; however another user may receive short message services or phone calls, which may not be acceptable.
To protect the personal details of users, aspects that are considered “sensitive” or, attributes of private data that the data owner does not wish to share are generally removed or censored. Any such censorship implies that the remaining data is which the data owner is not averse to sharing. However, such subjective solutions do not guarantee the protection of privacy of data owners as other attributes which are shared in combination with another attribute may reveal the identity of the private data owner uniquely. For example, a data owner may identify his name, address and phone number to be sensitive attributes and censor these attributed while sharing information with third parties. However, the shared data may contain attributes such as date of birth, place of birth and a congenital condition, which may in combination uniquely identify the data owner.